package com.treasure.web.interceptor;

import com.treasure.common.enums.IdentitiesEnum;
import com.treasure.common.exception.ServiceException;
import com.treasure.common.model.SessionUser;
import com.treasure.common.model.SessionUserHolder;
import org.jetbrains.annotations.NotNull;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;

/**
 * @author sunhongmin
 * @date 2023/9/11 23:18
 * @description
 */
@Component
@Order(4)
public class SystemManagementAuthInterceptor implements HandlerInterceptor {

    @Override
    public boolean preHandle(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull Object handler) {
        SessionUser sessionUser = SessionUserHolder.getAndCheckSessionUser();
        if (!Objects.equals(sessionUser.getIdentitiesEnum(), IdentitiesEnum.SUPER_ROOT_ADMIN)
        ) {
            throw new ServiceException("当前用户不具有系统管理权限，请从系统管理登录后再次操作");
        }
        return true;
    }
}
